GFI: There's a Fake, Malicious Google Chrome .exe File Update Online
January 14, 2013
By Daniel Brecht, Contributing Writer
Attention Google (News - Alert) Chrome users: The security update Google allegedly released last Thursday to ensure built-in malware and phishing protection is reportedly a “fake” Chrome update.
This news was uncovered by the security vendor, GFI Software, which reported on Friday, the company found the Chrome update carrying a Trojan horse (named google_chrome_update.exe) activates a special malware program that enables the server to issue a DNS (domain name system) request to sites connected to Zeus’ botnets, with the purpose of spreading the Trojan and sending users to a Blackhole exploit kit server's landing page, stated Chris Boyd, a senior threat researcher for GFI, in a blog post.
This Trojan is a disguise: It is an update for the Google Chrome browser that is, in reality, a bogus update posted on the Internet by cyber criminals to trick users into downloading the essential security update for the browser.
Boyd said the Trojan file had been an attempt to steal victims’ identities, personal data and online banking credentials – or else monitor their Internet activities, if not worse, infect users’ PCs with malware.
Even though the update for the Google Chrome browser looks legitimate and mimics correct procedures in downloading the executable file, Boyd says it is not. It’s fake, he says, and is a warning.
Boyd encourages users not to fall into this trap and discard any notifications telling them to update their Google Chrome browser.
According to Boyd, those attempting to download the file while using Chrome will get a warning that they’re trying to install a file that “appears malicious.”
Users should be aware when they see such an unexpected warning allegedly coming from Google Chrome browser, as it may mislead the user to fall victim of a cyber attack, said Dodi Glenn, an antivirus product manager for GFI.
In order for Chrome users to avoid such scams, they should be cautious. It’s advised to use the discard button when not knowing if a file is safe or not to download as it may contain malware.
Security experts like Boyd and Glenn agree it may be in the best interest to have Google Chrome automatically update whenever it detects that a new version of the browser is available. (Those interested in Google Update to periodically check for updates can read more at the Google Chrome support page.)
Don’t be tricked into downloading malware. Even a free Web browser like Google Chrome, which has a solid malware-blocking rate, can be compromised by an exploit to install potential malicious code – without the user being aware – and cause damage to the machine.
Looking to grow your channel opportunities? Then be sure to attend Channel Vision Expo (CVx), collocated with ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida. Stay in touch with everything happening at Channel Vision Expo. Follow us on Twitter.
Edited by Braden Becker